Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3131 7.5 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-31910 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
3132 9.1 緊急
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-31986 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
3133 4.8 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-3495 2026-05-21 10:53 2026-05-18 Show GitHub Exploit DB Packet Storm
3134 6.5 警告
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-35086 2026-05-21 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3135 8.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office クイック実行の特権の昇格の脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-35436 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
3136 5.5 警告
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Word
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-35440 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
3137 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-3637 2026-05-21 10:52 2026-05-18 Show GitHub Exploit DB Packet Storm
3138 9.8 緊急
Network 		H2O.ai H2O H2O.aiのH2Oにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-3960 2026-05-21 10:52 2026-04-23 Show GitHub Exploit DB Packet Storm
3139 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40358 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
3140 7.8 重要
Local 		マイクロソフト Microsoft Office Online Server
Microsoft Excel
Microsoft Office
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40359 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344991 - mysql mysql The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugin… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1621 2018-01-5 11:29 2010-05-15 Show GitHub Exploit DB Packet Storm
344992 - realnetworks helix_universal_server Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIB… NVD-CWE-Other
CVE-2002-1643 2017-12-23 11:29 2002-12-19 Show GitHub Exploit DB Packet Storm
344993 - ramp_networks webramp WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled. NVD-CWE-Other
CVE-1999-1264 2017-12-20 11:29 1999-01-21 Show GitHub Exploit DB Packet Storm
344994 - linux linux_kernel The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of … NVD-CWE-Other
CVE-2000-0227 2017-12-20 11:29 2000-03-23 Show GitHub Exploit DB Packet Storm
344995 - goahead_software goahead_webserver Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. NVD-CWE-Other
CVE-2001-0228 2017-12-20 11:29 2001-05-3 Show GitHub Exploit DB Packet Storm
344996 - goahead_software goahead_webserver GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. NVD-CWE-Other
CVE-2001-0385 2017-12-20 11:29 2001-07-2 Show GitHub Exploit DB Packet Storm
344997 - counterpane password_safe Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password … NVD-CWE-Other
CVE-2001-0984 2017-12-20 11:29 2001-09-13 Show GitHub Exploit DB Packet Storm
344998 - goahead_software
orange_software
montavista_software 		goahead_webserver
orange_web_server
hard_hat_linux 		Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely th… NVD-CWE-Other
CVE-2002-0680 2017-12-20 11:29 2002-07-23 Show GitHub Exploit DB Packet Storm
344999 - goahead_software goahead_webserver Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not … NVD-CWE-Other
CVE-2002-0681 2017-12-20 11:29 2002-07-23 Show GitHub Exploit DB Packet Storm
345000 - goahead_software goahead_webserver Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. NVD-CWE-Other
CVE-2002-1951 2017-12-20 11:29 2002-12-31 Show GitHub Exploit DB Packet Storm